package com.salmon.security.browser.config;

import com.salmon.security.core.authentication.mobile.SmsCodeAuthenticationSecurityConfig;
import com.salmon.security.core.authorization.AuthorizeConfigManager;
import com.salmon.security.core.properties.SecurityProperties;
import com.salmon.security.core.social.SocialConfig;
import com.salmon.security.core.validate.code.SecurityConstants;
import com.salmon.security.core.validate.code.ValidateCodeFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.social.security.SpringSocialConfigurer;

@Configuration
public class BrowserSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private SecurityProperties securityProperties;

    @Autowired
    private SmsCodeAuthenticationSecurityConfig smsCodeAuthenticationSecurityConfig;

    @Autowired
    private ValidateCodeFilter validateCodeFilter;

    @Autowired
    private SpringSocialConfigurer salmonSocialSecurityConfig;


    @Autowired
    private AuthorizeConfigManager authorizeConfigManager;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.addFilterBefore(validateCodeFilter, UsernamePasswordAuthenticationFilter.class)
                .formLogin()
                .loginPage(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL)
                .loginProcessingUrl(SecurityConstants.DEFAULT_LOGIN_PROCESSING_URL_FORM)
        .and().csrf().disable();
        // 加装短信验证码的认证(authentication)配置
        http.apply(smsCodeAuthenticationSecurityConfig);
        http.apply(salmonSocialSecurityConfig);
        authorizeConfigManager.config(http.authorizeRequests());
    }
}
